I Was Using A Little Shellcode In My Python But Failed

Python version is 2.7.3. Code is like this... The completed code is here https://gist.github.com/3977494 shellcode = bytearray( '\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x

Solution 1:

The telnet lib documentation indicates that (emphasis mine):

Write a string to the socket, doubling any IAC characters. This can block if the connection is blocked. May raise socket.error if the connection is closed.

The IAC character happens to be ASCII 255, which is '\xff'.

If you compare your two dumps: the IAC char FF is being doubled in the python version, but not in the C version, which is using a raw socket, which you could do in Python too using the socket module.

Solution 2:

Your use of bytearray may be altering the shellcode, try defining the shellcode without the bytearray function. e.g:

shellcode = (
        "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49""\x49\x49\x49\x49\x48\x49\x49\x49\x49\x49\x49\x49\x51\x5a\x6a\x6a""\x58\x50\x30\x42\x31\x41\x42\x6b\x42\x41\x7a\x32\x42\x42\x42\x32"
        ...
        ...
)